When an organization experiences a disruptive event, the business continuity plan (BCP) should be triggered PRIMARILY based on:
When an organization experiences a disruptive event, the business continuity plan (BCP) should be triggered PRIMARILY based on:
A Business Continuity Plan (BCP) is generally triggered based on management direction. While factors such as the expected duration of the outage, the root cause of the event, or the type of security incident may influence the decision, it is ultimately the management's responsibility to evaluate the situation and decide when to activate the BCP. This ensures a coordinated and controlled response to the disruptive event.
A- Why not D, because Management direction or decision to activate BCP will be based on some criteria which is primarily 'A'. Why not 'C', because BCP could be non-security event based trigger as well.
The business continuity plan (BCP) should be triggered primarily based on the expected duration of outage (Option A). This approach ensures that the organization can respond promptly to minimize downtime and maintain critical operations
i agree with D. Incident response procedures should dictate the process to enact BCP and thats usually at management discretion. the expected duration will be just one of the many variables to consider
C. type of security incident.
I think D
Type of security incident. This comes with the assumption that the severity of incident is meant.